期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于互斥权限约束的角色挖掘优化方法 被引量:3

Optimization Method of Role Mining Based on Mutually Exclusive Permissions Constraints
下载PDF
导出
摘要 现有自底向上的角色工程方法挖掘规模庞大,挖掘结果存在冗余,且不能反映系统功能的安全需求。为优化角色结果,针对角色优化中的互斥约束问题,结合枚举角色挖掘,提出一种基于互斥权限约束的角色挖掘优化方法。利用用户聚类元组及互斥约束优化角色挖掘过程,通过角色职责分离对安全约束的合理性进行分析,采用矩阵分析法调整已挖掘权限的矩阵单元值,挖掘优化角色以覆盖所有权限。实验结果表明,通过权限覆盖分析法辅助挖掘的优化角色结果能够保证挖掘过程的完整性;与枚举挖掘法相比,该方法能够保证信息系统的安全性,降低角色结果的冗余度。 Mining roles in large scale organizations are very redundant and can not reflect system security requirements in existing approaches to bottom-up role engineering. In order to discover optimal roles, this paper proposes an optimization method for role mining, which is based on the enumeration approach to role mining. The method utilizes mutually exclusive permissions constraints to optimize the role mining process by clustering users. It analyzes the correctness of secure constraints by using separation of duty,and cells’ values of mining permissions are adjusted in access control matrix. The method mines roles that cover all permissions. Experimental results show that the set of optimal roles can ensure the completeness of role mining. Compared with the enumeration method,the optimization method can reduce the redundancy of roles and ensure system security.
作者 孙伟 苏辉 李艳灵
机构地区 信阳师范学院计算机与信息技术学院 信阳师范学院网络信息与计算中心
出处 《计算机工程》 CAS CSCD 2014年第11期205-210,共6页 Computer Engineering
基金 国家自然科学基金资助项目(61202194) 河南省教育厅科学技术研究基金资助重点项目(13A520765) 河南省信息技术教育研究基金资助项目(ITE12192)
关键词 基于角色的访问控制 角色工程 角色挖掘 角色优化 互斥权限约束 访问控制矩阵 Role-based Access Control(RBAC) role engineering role mining role optimization mutually exclusive permissions constraints access control matrix
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献12

  • 1Kuhlmann M,Shohat D,Schimpf G.Role Miningrevealing Business Roles for Security Administration Using Data Mining Technology[C]//Proceedings of the 8th ACM Symposium on Access Control Models and Technologies.Como,Italy:ACM Press,2003:179-186.
  • 2马晓普,李瑞轩,胡劲纬.访问控制中的角色工程[J].小型微型计算机系统,2013,34(6):1301-1306. 被引量:11
  • 3Molloy I,Chen Hong,Li Tiancheng,et al.Mining Roles with Semantic Meanings [C]//Proceedings of the 13th ACM Symposium on Access Control Models and Technologies.Estes Park,USA:ACM Press,2008:21-30.
  • 4Zhang Dana,Ramamohanarao K,Ebringer T.Role Engineering Using Graph Optimization[C]//Proceedings of the 12th ACM Symposium on Access Control Models and Technologies.Sophia Antipolis,France:ACM Press,2007:139-144.
  • 5Ene A,Horne W,Milosavljevic N,et al.Fast Exact and Heuristic Methods for Role Minimization Problems [C]//Proceedings of the 13th ACM Symposium on Access Control Models and Technologies.Estes Park,USA:ACM Press,2008:1-10.
  • 6Vaidya J,Atluri V,Guo Qi.The Role Mining Problem: Finding a Minimal Description Set of Roles [C]//Proceedings of the 12th ACM Symposium on Access Control Models and Technologies.Sophia Antipolis,France:ACM Press,2007:175-184.
  • 7Ma Xiaopu,Li Ruixuan,Lu Zhengding,et al.Mining Constraints in Role-based Access Control [J].Mathematical and Computer Modelling,2012,55(1):87-96.
  • 8Kumar R,Sural S,Gupta A.Mining RBAC Roles Under Cardinality Constraint [C]// Proceedings of the 6th International Conference on Information Systems Security.Gandhinagar,India: Information Systems Security Press,2010:171-185.
  • 9Vaidya J,Atluri V,Warner J.RoleMiner:Mining Roles Using Subset Enumeration[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security.Alexandria,USA:ACM Press,2006:144-153.
  • 10Li Ninghui,Tripunitara M V,Bizri Z.On Mutually Exclusive Roles and Separation of Duty [J].ACM Transactions on Information and System Security,2007,10(2):42-51.

二级参考文献3

共引文献10

同被引文献10

引证文献3

二级引证文献7

计算机工程
2014年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部